AuthEndpoint.RequireUserConsent

Is consent required

This test checks if the authorization server requires user consent before issuing a token without client authentication.

View source code on GitHub

Documents

This test is part of the following document(s):

• The OAuth 2.0 Authorization Framework (RFC6749), section 10.2 (should)
• OAuth 2.0 Threat Model and Security Considerations (RFC6819), section 5.2.3.2 (should)

Back to the test case overview or the threat overview